Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Lead Security Signature Engineer
You will be part of Policy Audit signature engineer team that is responsible for the research, development, and delivery of compliance signatures for product - Policy Audit (PA).
Job Description:
You will be part of Policy Audit signature engineer team that is responsible for the research, development, and delivery of compliance signatures for product - Policy Audit (PA). In this team you will work on numerous security standards like CIS, NIST, DISA, PCI-DSS and help customers assess the the Operate System, Network Device, Database and Middleware Applications configurations and compliance.
Responsibilities:
· Research and develop scripts with PowerShell, shell, python, etc. to implement security configuration checks on Windows, Linux platforms reliably.
· Hardening and Configuration of end-points, ranging from Operating systems to Database to Application software such as Apache HttpServer, Tomcat Server and Microsoft IIS.
· Provide subject matter expertise to internal core engineering and infrastructure teams
Qualifications:
· BS/MS in Computer Science or a related field
· Experience of 2+ years with BS/BE/MCA in Technical/Software field
· Experience with Unix/Linux, Windows OS Application Software and Network Devices in productive environment.
· Good knowledge and experience on vulnerability research, platform security, patch and remediation.
· Strong understanding of HTTP(S), TCP/IP, SSH and SSHD protocols.
· Proficient in Shell, Python, PowerShell scripting language
· Proficient in Regular Expressions and Programming methods.
· Installation, Configuration and administration of Applications on
· Knowledge of programming in the Unix/Linux/windows environment.
· History of working with source control (SVN) and bug tracking tools (JIRA)
· Good communication skills.
· Windows system administration experience including system configuration and in-depth under the hood working of: Local security Policy, Domain Security Policy, WMI, GPO, User Account Control, User Rights, Account policy, Audit policy, Event Log, Windows Firewall, Updates and various security Options.
· UNIX system administration experience including system configuration and in-depth under the hood working of: Secure Boot Settings, TCP Wrappers, IPtables, Logging and Auditing, syslog, auditd, logrotate, cron, PAM, File permissions, user and group settings
Top Skills
What We Do
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings.
The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices. Founded in 1999 as one of the first SaaS security companies, Qualys has strategic partnerships and seamlessly integrates its vulnerability management capabilities into security offerings from cloud service providers, including Amazon Web Services, the Google Cloud Platform and Microsoft Azure, along with a number of leading managed service providers and global consulting organizations. For more information, please visit http://www.qualys.com
